APPLICATION SYSTEM CERTIFICATION PROCESS

TECHNICAL FIELD 

The invention relates generally to a process for certifying 
a software application and more particularly to a process for 
certifying a software application prior to its deployment. 

BACKGROUND OF THE INVENTION 

When a new software application is to be deployed in an 
organization it is essential that the application conform to the 
business environment of the organization. This is particularly 
critical when the software application supports one or more 
business processes of the organization and therefore must include 
various checks and steps needed to provide results for proper 
business controls as well as operate reliably with high quality. 

Techniques and processes as described below have been 
developed for addressing this problem, primarily directed to the 
software quality and reliability requirement. However, no 
satisfactory solution has heretofore been found which addresses 
the business control and software quality concerns. Post 
installation audits in particular by their very nature are 
applied after an application is operational and therefore are not 
effective during a pre-installation certification.

Belfer et al. in US Patent 5,045,994 describe a method of
testing application software using an emulation environment. A
user can call sequences of input-output screen pairs used to
submit and receive information to/from the application. The
screens are prepared offline. An input screen has actual input
information for the application. A corresponding output screen
has the expected results. The expected results are compared to
the actual results received after running the application using
the input information in the input screen.

Gil describes in US Patent 5,500,941 a method of performing
software validation testing on large electronic systems to
determine the quality of the software within the large system.
A plurality of stimuli are defined to cause the software to
transition from one state to another. The responses to the
stimuli are identified and the probabilities of occurrence of the
state transitions are calculated. A usage model is built from a
plurality of usage cases, where each usage case is identified as
comprising a set of state transitions. The probability of
occurrence of each usage case is also calculated. A usage
profile is built listing the usage cases in order of descending
probability. An automated test program is compiled from the
usage profile, the stimuli, and the responses. The test program
is then executed on the software system to analyze and report the
software quality.

H. Sassenburg in a paper entitled "How to sustain (S)PI?
assessing readiness for (software) process improvement,"
presented at the SPI 95 European Conference on Software Process
Improvement, Barcelona, Spain, Dec. 1995 states in the abstract
that the Capability Maturity Model has led to software process
improvement programs. However, most such programs are quietly
terminated. A checklist for determining where weak points exist
in the program can be used to increase the probability of the
program succeeding.

European patent EP989713 describes a use for certified
software. EP997807 describes a method of certifying transmission
of software. Japanese patent JP11025053A determines the
certification of a person through use of an IC card. PCT patent
WO9834365 describes a method of distributing certified software.
PCT patent WO 200010283 describes a method of controlling access
to video and audio content by determining whether the BIOS and
operating system is certified for access.

All of the above described patents are incorporated herein
by reference.

Despite these developments a satisfactory process for
certifying software applications to be deployed in a business is
still needed.

Therefore, in accordance with the teachings of the present
invention there is provided an improved process for certifying
software applications prior to their deployment in a business.
It is believed that such a process would constitute a significant
advancement in the art.

OBJECTS AND SUMMARY OF THE INVENTION 

It is therefore a principal object of the present invention
to enhance the software certification art by providing a process
with enhanced capabilities.

It is another object to provide such a process wherein
enhanced operational capabilities are provided.

These and other objects are attained in accordance with one
embodiment of the invention wherein there is provided a process
for certifying a software application prior to deployment,
comprising the steps of, entering a review request for a software
application into a staging database, assigning a reviewer and
scheduling a time for the review, performing a readiness
assessment prior to the time for the review, conducting the
review by the reviewer including providing an overview and
process flows identifying control points, providing deliverables,
and providing a test plan, reporting results of the review, and
determining whether the results justify a decision of
certification of the software application.

In accordance with another embodiment of the invention there
is provided a process for certifying a software application,
comprising the steps of, entering a review request for a software
application into a staging database, assigning a reviewer and
scheduling a time for the review, performing a readiness
assessment prior to the time for the review, conducting the
review by the reviewer including providing an overview and
process flows identifying control points, providing deliverables,
and providing a test plan, reporting results of the review,
determining whether the results justify a decision of
certification of the software application, and if so,
deploying the software application, and executing at least a part
of the test plan.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a flowchart of a process for certifying a software
application in accordance with the present invention; and

FIG. 2 is a flowchart showing additional steps for certifying a
software application in accordance with another embodiment of the
invention.

BEST MODE FOR CARRYING OUT THE INVENTION

For a better understanding of the present invention,
together with other and further objects, advantages, and
capabilities thereof, reference is made to the following
disclosure and the appended claims in connection with the
above-described drawings.

In FIG. 1 there is shown a flowchart 10 of a process for 
certifying a software application in accordance with the present 
invention. The software application may be any type of software 
application including for example a spreadsheet application. 
Certification may be particularly important if the spreadsheet 
application performs functions which are financially sensitive 
including a direct feed into a second certified software 
application. In such an arrangement the first software 
application is referred to as a trusted source for the second 
application. 

The software application may also be a common application 
where a function is developed for use at multiple locations. All 
locations adhere to a central process, however, each installation 
may implement different controls, procedures, local interfaces, 
and operate in a different local environment. Certification of 
common applications must therefore also focus on these 
differences including any base code modification or differing use 
of program exits.

The software application may also be purchased from a
vendor. Regardless of how acquired, such applications must
comply with the certification standards of internally developed
applications. In some cases the certification may be performed
prior to the decision to purchase the application, for example
through certification using a copy of the application obtained on
a trial basis.

Some software applications, whether purchased or internally 
developed, are widely used throughout a company including 
deployment in multiple geographies. Such applications are 
referred to as enterprise wide systems. Certification of the 
initial installation may form a base from which further 
certification can be performed on further geography deployments 
as they occur, with focus on the geographical differences. 

In step 12 a review request for a software application is 
entered into a staging database. The staging database may be any 
type of database including but not limited to a relational 
database, sequential database, or spreadsheet database. The 
request may provide application detail and complexity factors. 
It may also provide date, duration, contact and review location 
details.

In step 14 a reviewer is assigned to the review and a time
is scheduled for the review. The reviewer and person entering
the request may be automatically, by e-mail or other means, or
manually notified of the scheduled time and location for the
review. Steps 12 and 14 may be performed using an automated
function to enter the review request into the staging database,
assign the reviewer, schedule the time, and notify the reviewer
and person entering the request. The automated function also
assists in tracking review status, date changes, and assignments.
Prior to the review a readiness assessment is performed in 
step 16. The readiness assessment may also be automated. A 
checklist of questions may be used as a way to perform such an 
assessment. For example the list of questions shown below in 
Table 1 may be used. A sensitive program is taken to mean any 
program that creates a hardcopy negotiable document such as a 
check.

TABLE 1 - Readiness Assessment



1. Has a business process owner been identified? 

2. Has all applicable testing been completed? (e.g. regression,
system, function, user acceptance, cycle, unit) 

3. Have all service level agreements and documents of
understanding been identified and approved? 

4. Have data flow diagrams /charts been completed and control 
points identified? 

5. Have separation of duties assessments been completed and 
associated documentation created? (e.g. matrix, job
responsibilities, application system access) 

6. Has the application system been assessed for identification 
of sensitive programs? 

7. Have all control procedures been identified and documented?
(e.g. system management control, desk procedures, disaster 
recovery, table maintenance, fallback) 

8. Is there compliance with all applicable corporate 
instructions and standards? 

9. Is the service provider in compliance with all applicable 
corporate instructions, standards, and guidelines?

10. Has an education plan been developed and implemented? 

11. Have all data migration and/or data conversion plans been 
defined and documented? 

12. Have all risks been documented and accepted? 

13. Have all downstream applications been approved? 

14. Have all upstream software applications used as a trusted 
source been certified?

The person entering the review request in step 12 would
normally be asked to complete a checklist by answering the
questions and thereby perform the readiness assessment in step
16. Other types of readiness assessment known in the art may
also be performed without departing from the scope of the
invention.

In step 18 a review is conducted by the reviewer assigned in
step 14 or his designee(s). The review may take many forms such
as a written document, presentation, or description, but includes
providing an overview of the software application and process
flows identifying control points. The overview comprises an
application environmental overview which is taken to mean a high
level business process overview that describes the function
performed within a business unit. The application environmental
overview also describes how the software application fits within
the business environment. The overview also comprises an
architectural overview including a description of the functional
requirements, data requirements, control and auditability
requirements, platform security, and system requirements. The
architectural overview also identifies the upstream and
downstream interfaces and key dependencies within the software
application. The architectural overview also describes how the
application works, what are the data input/output dependencies,
what are the application's interrelationships, and what are the
platform security requirements.

Process flows may be provided as flowcharts identifying the
position of automated or manual control points within the 
software application. Each control point includes text 
describing how the control point works and actions to be taken 
for both normal and exception control outcome. The flowcharts 
demonstrate that the software application is controlled, data 
integrity and accuracy is maintained, and fraud can be prevented 
or detected. The text accompanying a control point may describe 
reconciliation and balancing controls; system interface/bridge 
administration and error recovery; process, system, or 
application error recovery; authorization/verification controls; 
and master table maintenance controls. 

The review may also include a separation of duties 
evaluation to determine conflicting (non-permitted) tasks. A 
task can be application access, system activities/transactions,
or job responsibilities. A matrix can be used to evaluate and 
demonstrate the non-permitted tasks. The matrix lists tasks for 
each row e.g. down the left side, and the same tasks for each 
column e.g. across the top. An X or other symbol in a matrix 
cell indicates that the two tasks identified by the row and 
column containing the cell with the X are a conflict and must be 
performed by different people. The reviewer verifies that all 
the pairs of tasks having an X will indeed be separated when the 
application is deployed. 
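
The matrix check described above, as an added example that is not part of the patent: it parses a task-by-task matrix and lists every person who would hold both tasks of a pair marked X. The CSV layout, task names and people are constructed assumptions.

```python
import csv
import io
from itertools import combinations

# Constructed sample matrix (not from the patent): the same tasks run down the
# left side and across the top; an X marks two tasks that conflict.
MATRIX_TEXT = """\
task,create_vendor,approve_invoice,issue_payment,reconcile_account
create_vendor,,X,X,
approve_invoice,X,,X,
issue_payment,X,X,,X
reconcile_account,,,X,
"""

# Constructed sample: who will hold which tasks once the application is deployed.
ASSIGNMENTS = {
    "alice": {"create_vendor", "reconcile_account"},
    "bob": {"approve_invoice"},
    "carol": {"issue_payment", "reconcile_account"},
}


def parse_matrix(text):
    """Return the set of conflicting task pairs marked with an X."""
    rows = [r for r in csv.reader(io.StringIO(text)) if r]
    columns = rows[0][1:]
    if [r[0] for r in rows[1:]] != columns:
        raise ValueError("row tasks and column tasks must be the same list")
    conflicts = set()
    for row in rows[1:]:
        row_task, cells = row[0], row[1:]
        if len(cells) != len(columns):
            raise ValueError(f"row {row_task!r} has the wrong number of cells")
        for col_task, cell in zip(columns, cells):
            if cell.strip().upper() != "X":
                continue
            if row_task == col_task:
                # A task cannot be separated from itself: this is a matrix error.
                raise ValueError(f"{row_task!r} is marked as conflicting with itself")
            # Row/column order does not matter, so store the pair unordered; a
            # matrix filled in on one side of the diagonal only works as well.
            conflicts.add(frozenset((row_task, col_task)))
    return conflicts


def find_violations(conflicts, assignments):
    """List (person, task_a, task_b) where one person holds both conflicting tasks."""
    violations = []
    for person in sorted(assignments):
        for a, b in combinations(sorted(assignments[person]), 2):
            if frozenset((a, b)) in conflicts:
                violations.append((person, a, b))
    return violations


if __name__ == "__main__":
    pairs = parse_matrix(MATRIX_TEXT)
    print(f"{len(pairs)} conflicting task pairs in the matrix")
    for person, a, b in find_violations(pairs, ASSIGNMENTS):
        print(f"NOT SEPARATED: {person} holds both {a} and {b}")
```

An empty result from `find_violations` is what the reviewer needs before signing off on the separation of duties evaluation.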

The review may also include an evaluation of control points
that prevent unauthorized change or access to the software
application. Changes can include changes to programs, tables,
configuration, authorization, or profiles.

The review may also include evaluation of an asset
protection plan identifying control points that ensure all data
has been properly identified, classified, and protected.

A test plan is provided as part of the review. The test
plan describes the criteria (breadth and depth) for successful
test completion in all test phases such as regression, function
and system test. The test plan defines the minimum criteria that
must be met before acceptance of the software application. It
also describes test scenarios and expected results for all
control points. The test plan may include tests to be performed
after deployment of the software application.

Test execution results are one of the deliverables provided
in the review. Actual testing results (both negative and
positive) are compared to the expected results. The test
execution results also include a statement identifying who
performed the test and when it was performed.

Deliverables of step 18 comprise all of the items produced 
during the review as described above.

A demonstration may optionally be provided. The
demonstration is a live simulation of the application showing the
end-to-end processing steps. The demonstration may include live
on-line testing. A sample test involving incorrect input data or
an illogical function request may be run during the demonstration
to verify proper handling of such data or requests.

The results of the review are reported in step 20. Results
include but are not limited to test execution results, process 
flowcharts and any statements expressed by the reviewer regarding 
the evaluations described above. Various on-line or automated 
tools may be used to report the results and to permit on-line 
review of the results. 

In step 22, it is determined whether the results justify 
certification of the software application. The reviewer would 
normally make this determination based on the results, however 
other methods of determination such as group consensus or 
management signoff may be used. 

In FIG. 2 there is shown an additional flowchart 30
describing additional steps performed in another embodiment of
the present invention. After step 22 of FIG. 1, the software
application is deployed in step 32. Deployment is taken to mean
installation, activation, and use in a production manner. In 
step 34, the post deployment portion of the test plan of step 18 
is executed. A post audit of the execution test results is 
performed.

A quality assurance survey may be sent automatically or
manually to the person who entered the request in step 12. The
survey may be an automated function. Survey results are then
used to improve the quality of the certification process of the
present invention.

While there have been shown and described what are at
present considered the preferred embodiments of the invention, it
will be obvious to those skilled in the art that various changes
and modifications may be made therein without departing from the
scope of the invention as defined by the appended claims. For
example, the steps of flowchart 10 may be fully or partly
embodied in a computer program product.

What is claimed is:



1. A process for certifying a software application prior to
deployment, comprising the steps of:
entering a review request for a software application into a
staging database;
assigning a reviewer and scheduling a time for said review;
performing a readiness assessment prior to said time for said
review;
conducting said review by said reviewer including providing an
overview and process flows identifying control points, providing
deliverables, and providing a test plan;
reporting results of said review; and
determining whether said results justify a decision of
certification of said software application.

2. The process of claim 1, wherein said review request is entered
into a spreadsheet database.

3. The process of claim 1, wherein said readiness assessment is
performed by answering questions in a checklist.

4. The process of claim 1, wherein said overview comprises an
application environmental overview and an architectural overview.

5. The process of claim 1, wherein said process flows comprise
flowcharts.

6. The process of claim 5, wherein said flowcharts identify the
position of automated or manual control points within the
software application.

7. The process of claim 5, wherein said control points include
text describing actions to be taken for normal and exception
control outcome.

8. The process of claim 1, wherein said review includes a
separation of duties evaluation.

9. The process of claim 1, wherein said review includes an
evaluation of control points that prevent unauthorized change to
said software application.

10. The process of claim 1, wherein said test plan describes test
scenarios and expected results for all said control points.

11. The process of claim 1, wherein said review further comprises
providing a demonstration.

12. A process for certifying a software application, comprising
the steps of:
entering a review request for a software application into a
staging database;
assigning a reviewer and scheduling a time for said review;
performing a readiness assessment prior to said time for said
review;
conducting said review by said reviewer including providing an
overview and process flows identifying control points, providing
deliverables, and providing a test plan;
reporting results of said review;
determining whether said results justify a decision of
certification of said software application, and if so;
deploying said software application; and
executing at least a part of said test plan.

13. The process of claim 12, wherein said review further
comprises providing a demonstration.

14. A computer program product for instructing a processor to
certify a software application, said computer program product
comprising:
a computer readable medium;
first program instruction means for entering a review request for
a software application into a staging database;
second program instruction means for assigning a reviewer and
scheduling a time for said review;
third program instruction means for performing a readiness
assessment prior to said time for said review;
fourth program instruction means for assisting said reviewer in
conducting said including assisting in providing an overview and
process flows identifying control points, assisting in providing
deliverables, and assisting in providing a test plan;
fifth program instruction means for reporting results of said
review; and
sixth program instruction means for determining whether said
results justify a decision of certification of said software
application; and wherein
all said program instruction means are recorded on said medium.

ABSTRACT



APPLICATION SYSTEM CERTIFICATION PROCESS 



A software application is certified prior to deployment. A 
reviewer is assigned and a review time scheduled. A readiness 
assessment is performed prior to the review time. The reviewer 
then conducts a review including an overview, process flows 
identifying control points, deliverables, a demonstration, and a 
test plan. Results of the review are reported and a 
determination made of whether to certify the application. 

The software application may also be certified including 
performing additional testing after deployment.

I hereby claim the benefit under 35 U.S.C. Section 120 of any United States application(s), or
Section 365(c) of any PCT International application designating the United States, listed below and,
insofar as the subject matter of each of the claims of this application is not disclosed in the prior
United States or PCT International application in the manner provided by the first paragraph of 35
U.S.C. Section 112, I acknowledge the duty to disclose to the United States Patent and Trademark
Office all information known to me to be material to patentability as defined in Title 37, C.F.R.,
Section 1.56 which became available between the filing date of the prior application and the national
or PCT International filing date of this application:



NONE 






I hereby declare that all statements made herein of my own knowledge are true and that all 
statements made on information and belief are believed to be true; and further that these statements 
were made with the knowledge that willful false statements and the like so made are punishable by 
fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code and that such 
willful false statements may jeopardize the validity of the application or any patent issued thereon.

POWER OF ATTORNEY: As a named inventor, I hereby appoint the following attorney(s) and/or
agent(s) to prosecute this application and transact all business in the Patent and Trademark Office
connected therewith. (list name and registration number)

David L. Adour, Reg. No: 29,604
Lawrence R. Fraley, Reg. No: 26,885
John R. Pivnichny, Reg. No: 43,001
Arthur J. Samodovitz, Reg. No: 31,297
William H. Steinberg, Reg. No: 28,540
John E. Hoel, Reg. No: 26,279
Christopher A. Hughes, Reg. No: 26,914
Edward A. Pennington, Reg. No: 32,588
Joseph C. Redmond, Jr., Reg. No: 18,753

Send Correspondence to:
IBM., N50/040-4
1701 North Street
Endicott, NY 13760

Direct Telephone Calls to: (name and telephone number)
John R. Pivnichny (607) 755-6565



Full name of sole or first inventor
Nancy M. Psaras

Residence
20 Appalachian West, Hopewell Junction, NY 12533

Citizenship
USA

Post Office Address
Same as Above

Full name of second inventor, if any
Thomas J. Cleary

Residence
26 Brandywine Crossing, Roxbury, CT 06783

Citizenship
USA

Post Office Address
Same as above

Full name of third inventor, if any
George P. Ziegler

Residence
10 Grammar School Drive, Danbury, CT 06811


